Spam Cleaning with the Big Boys

Server-based anti-spam protection isn't just a good idea, it's the only feasible idea for ISPs and businesses.

 By Steven J. Vaughan-Nichols
Page 1 of 3
Print Article

Your users think they have spam problems in receiving a hundred or so spam messages a day? Tell them to try administering the network for an ISP or business, where on a good day you're fortunate to have to deal with fewer than one hundred thousand spam messages a day.

Can't believe it's really that much? Think again. So just how bad is the problem? Ferris Research, a San Francisco- and London-based email and groupware analysis firm, says that 30% of inbound email is spam at ISPs, while at companies, spam accounts for a full 15% to 20% of inbound email. "In 2002," Ferris reports, "the total cost of spam to corporate organizations in the United States was $8.9 billion."

Since that Ferris study, things have only gotten worse. According to ISP and business mail administrators I've spoken with, ISP inbound mail is now up to 50% junk mail, while corporate e-mail servers are up to a rather horrifying 30%. And with groups like the Australia-based Coalition against Unsolicited Bulk Email estimating that spam's volume is doubling every 4.5 months, the spam problem is only going to get worse.

So what can you do when your network bandwidth is eaten alive by spammers, your users are screaming for relief, and your mail server hard drives are always running close to their limits? What most ISPs and companies are doing is deploying gateway anti-spam programs.

Specifically, ISPs tend to deploy SpamAssassin, a powerful open source mail-filtering program, while businesses tend to favor commercial programs like Brightmail Anti-Spam 5.1 or MailFrontier Anti-Spam Gateway 2.1.

You could, of course, install client-based programs like Norton AntiSpam 2004 or Qurb 2, but that's not a great idea in ISP and corporate environments for a couple of reasons.

The first is simply that client-based approaches cost more – much more – per user than server-based solutions. The other – and really the more important – reason is that supporting them will cost you even more in terms of help desk time.

Thus, while client-based solutions are fine for individual users or even small businesses, they simply don't scale well for ISPs or medium to large businesses.

Page 2: Spam Protection at the Gateway

This article was originally published on Nov 5, 2003
Get the Latest Scoop with Networking Update Newsletter